HackDig : Dig high-quality web security articles for hacker

If you are a pentester like me, you are doing mobile application reviews on Android. One of the most important things to check is the server API. On the other hand we might want to see what possibilities a server has to influence the Android app with its responses. For both the easiest and most straight forward method is to do a Man-In-The-Middle attack in t

[The post Good IOC VS. Bad IOC: When Automation Fails… has been first published on /dev/random]
A few days ago, I wrote a diary on the SANS ISC website about automating the search for IOC’s (“Indicator of Compromise“). The use of tools to collect such information (IP addresses, domains, hashes, …) is very useful to build a list

Do Not Track, the privacy standard that's supposed to address one of the biggest issues of the 21st century internet - how you control who can track what you're doing online - isn't in the news. Again.That's no surprise though - despite its importance, Do Not Track hardly ever does anything remarkable or exciting enough to count as actual news.That doesn't m